From debbugs-submit-bounces@debbugs.gnu.org Sun Jun 01 09:24:42 2014 Received: (at submit) by debbugs.gnu.org; 1 Jun 2014 13:24:42 +0000 Received: from localhost ([127.0.0.1]:39494 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Wr5kf-0005Yc-Gy for submit@debbugs.gnu.org; Sun, 01 Jun 2014 09:24:42 -0400 Received: from eggs.gnu.org ([208.118.235.92]:58425) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Wr5kc-0005YB-VY for submit@debbugs.gnu.org; Sun, 01 Jun 2014 09:24:40 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Wr5kO-00043W-0V for submit@debbugs.gnu.org; Sun, 01 Jun 2014 09:24:33 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=5.0 tests=BAYES_05 autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:56961) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Wr5kN-000436-U1 for submit@debbugs.gnu.org; Sun, 01 Jun 2014 09:24:23 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:60129) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Wr5kE-0007mF-0m for bug-gnu-emacs@gnu.org; Sun, 01 Jun 2014 09:24:23 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Wr5k4-0003r9-6u for bug-gnu-emacs@gnu.org; Sun, 01 Jun 2014 09:24:13 -0400 Received: from korolev.univ-paris7.fr ([2001:660:3301:8000::1:2]:42111) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Wr5k3-0003qe-Tv for bug-gnu-emacs@gnu.org; Sun, 01 Jun 2014 09:24:04 -0400 Received: from mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [81.194.30.253]) by korolev.univ-paris7.fr (8.14.4/8.14.4/relay1/46573) with ESMTP id s51DO1Cv024943 for ; Sun, 1 Jun 2014 15:24:01 +0200 Received: from mailhub.math.univ-paris-diderot.fr (localhost [127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTP id 32D0D128111 for ; Sun, 1 Jun 2014 15:24:01 +0200 (CEST) X-Virus-Scanned: amavisd-new at math.univ-paris-diderot.fr Received: from mailhub.math.univ-paris-diderot.fr ([127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [127.0.0.1]) (amavisd-new, port 10023) with ESMTP id nSlj70VP7w9Y for ; Sun, 1 Jun 2014 15:23:45 +0200 (CEST) Received: from ijon.pps.univ-paris-diderot.fr (unknown [78.194.40.74]) (Authenticated sender: jch) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTPSA id B1BD3128106 for ; Sun, 1 Jun 2014 15:23:45 +0200 (CEST) Date: Sun, 01 Jun 2014 15:23:49 +0200 Message-ID: <87d2eswyoq.wl%jch@pps.univ-paris-diderot.fr> From: Juliusz Chroboczek To: bug-gnu-emacs@gnu.org Subject: 24.3; gnutls-min-prime-bits is 256 User-Agent: Wanderlust/2.15.9 MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (korolev.univ-paris7.fr [194.254.61.138]); Sun, 01 Jun 2014 15:24:01 +0200 (CEST) X-Miltered: at korolev with ID 538B2971.000 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)! X-j-chkmail-Enveloppe: 538B2971.000 from mailhub.math.univ-paris-diderot.fr/mailhub.math.univ-paris-diderot.fr/null/mailhub.math.univ-paris-diderot.fr/ X-j-chkmail-Score: MSGID : 538B2971.000 on korolev.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000 X-j-chkmail-Status: Ham X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -5.0 (-----) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -5.0 (-----) In gnutls.el, I see (defcustom gnutls-min-prime-bits 256 ...) This uses 256 bits for Diffie-Helman rather than the gnutls default, which seems awfully low to me. It looks like this was lowered due to bug#11267. I suggest that it really should be set to a reasonable value. -- Juliusz From debbugs-submit-bounces@debbugs.gnu.org Thu Jun 05 10:31:07 2014 Received: (at 17660) by debbugs.gnu.org; 5 Jun 2014 14:31:07 +0000 Received: from localhost ([127.0.0.1]:45827 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WsYh5-000767-IX for submit@debbugs.gnu.org; Thu, 05 Jun 2014 10:31:07 -0400 Received: from mail-qa0-f50.google.com ([209.85.216.50]:56159) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1WsYgz-00075P-DX for 17660@debbugs.gnu.org; Thu, 05 Jun 2014 10:31:01 -0400 Received: by mail-qa0-f50.google.com with SMTP id j15so1470978qaq.9 for <17660@debbugs.gnu.org>; Thu, 05 Jun 2014 07:30:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifelogs.com; s=google; h=from:to:cc:subject:organization:references:mail-copies-to :gmane-reply-to-list:date:in-reply-to:message-id:user-agent :mime-version:content-type; bh=WupOjvDAV8wlRXqqVOyuhNpz7WrmOY3oup4r9pphkww=; b=W6/8Wa4ov0jkohAj3QIx61FfZyJeKRd3eMpUrnNbxRKAscuEpUg8HzcnzS5S8ukeWP KcEO/77gOhrSEDt2JBwvbm8C3dXYqinAXba97pGlKCsUs4L2DS13KKsJ/MrZcsSkjIfM T+mw4GbYWGsTovSnu0SvpkRBbN1QKpquPu364= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:organization:references :mail-copies-to:gmane-reply-to-list:date:in-reply-to:message-id :user-agent:mime-version:content-type; bh=WupOjvDAV8wlRXqqVOyuhNpz7WrmOY3oup4r9pphkww=; b=iU99AlzlP0StEh1Ce1gLQQ/Pn04a3aUnQq8tE2Cj23x2MVMwZunpnOhxzAw/i5FA1L Be26bO0xCHnyA4EOp4x6Y3IP59BiyHLRcM4J0nVhplalEZqkvzTrTr8TqXy4T5eFNm0G n5h7oVi2pFFsTnc5u8sG6wgzBo2x/t9PXKwgPh+aVDgFkZrBiCKazKrDGJhXbBSyyhJy 1UQvj3d6eZN097fp4kWsnWdYm2EseLHB7+n3+7srRKmUXPTIZ5/qqAIKsOSxlWXcxMU6 vlw+DkF5GS3qYrDJiHLFDOOBGGYOn2oKkqRRxyzdwuN0WZnTa7nFnYJsVPDG9wkXvhNw 4S4A== X-Gm-Message-State: ALoCoQmQxP0LbAR7ygD/1nZ9v13SOQXWQ1+C+ru74ieOGRidHOttbuDin2jei4ilBQbtKrQ8fLDv X-Received: by 10.140.91.113 with SMTP id y104mr81373060qgd.3.1401978651771; Thu, 05 Jun 2014 07:30:51 -0700 (PDT) Received: from flea (c-98-229-61-72.hsd1.ma.comcast.net. [98.229.61.72]) by mx.google.com with ESMTPSA id g12sm9685306qaa.47.2014.06.05.07.30.50 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Thu, 05 Jun 2014 07:30:50 -0700 (PDT) From: Ted Zlatanov To: Juliusz Chroboczek Subject: Re: bug#17660: 24.3; gnutls-min-prime-bits is 256 Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos References: <87d2eswyoq.wl%jch@pps.univ-paris-diderot.fr> X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6; d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx" Mail-Copies-To: never Gmane-Reply-To-List: yes Date: Thu, 05 Jun 2014 10:30:53 -0400 In-Reply-To: <87d2eswyoq.wl%jch@pps.univ-paris-diderot.fr> (Juliusz Chroboczek's message of "Sun, 01 Jun 2014 15:23:49 +0200") Message-ID: <87tx7zfmxu.fsf@lifelogs.com> User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.4.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 17660 Cc: 17660@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) On Sun, 01 Jun 2014 15:23:49 +0200 Juliusz Chroboczek wrote: JC> In gnutls.el, I see JC> (defcustom gnutls-min-prime-bits 256 JC> ...) JC> This uses 256 bits for Diffie-Helman rather than the gnutls default, which JC> seems awfully low to me. JC> It looks like this was lowered due to bug#11267. I suggest that it really JC> should be set to a reasonable value. Please read through bug#11267 and bug#15057. The recommended solution from the GnuTLS maintainer was to avoid the DH exchange that requires `gnutls-min-prime-bits' altogether. So the proper fix seems to be to change the default for `gnutls-algorithm-priority' but that may break some people's setups (just like raising `gnutls-min-prime-bits' would). Ted From debbugs-submit-bounces@debbugs.gnu.org Mon Dec 08 14:46:57 2014 Received: (at 17660) by debbugs.gnu.org; 8 Dec 2014 19:46:57 +0000 Received: from localhost ([127.0.0.1]:58055 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Xy4Gm-00054r-Q1 for submit@debbugs.gnu.org; Mon, 08 Dec 2014 14:46:57 -0500 Received: from hermes.netfonds.no ([80.91.224.195]:57011) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Xy4Gk-00054g-2I for 17660@debbugs.gnu.org; Mon, 08 Dec 2014 14:46:55 -0500 Received: from cm-84.215.51.58.getinternet.no ([84.215.51.58] helo=stories.gnus.org) by hermes.netfonds.no with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.72) (envelope-from ) id 1Xy4GR-0005ph-QL; Mon, 08 Dec 2014 20:46:35 +0100 From: Lars Magne Ingebrigtsen To: Juliusz Chroboczek Subject: Re: bug#17660: 24.3; gnutls-min-prime-bits is 256 References: <87d2eswyoq.wl%jch@pps.univ-paris-diderot.fr> X-Now-Playing: Paul Barker's _Fix This_: "Psampled 69 Blight" X-Hashcash: 1:23:141208:jch@pps.univ-paris-diderot.fr::LKH66gpb5oCsTDhY:00000000000000000000000000000000niAF X-Hashcash: 1:23:141208:17660@debbugs.gnu.org::ec2wrewuuzb2AXmP:0000000000000000000000000000000000000000pUfL Date: Mon, 08 Dec 2014 20:46:35 +0100 In-Reply-To: <87d2eswyoq.wl%jch@pps.univ-paris-diderot.fr> (Juliusz Chroboczek's message of "Sun, 01 Jun 2014 15:23:49 +0200") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-MailScanner-ID: 1Xy4GR-0005ph-QL X-Netfonds-MailScanner: Found to be clean X-Netfonds-MailScanner-From: larsi@gnus.org MailScanner-NULL-Check: 1418672796.02215@TBq948QiBr1B/umB/1zbNA X-Spam-Status: No X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 17660 Cc: 17660@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) Juliusz Chroboczek writes: > In gnutls.el, I see > > (defcustom gnutls-min-prime-bits 256 > ...) > > This uses 256 bits for Diffie-Helman rather than the gnutls default, which > seems awfully low to me. > > It looks like this was lowered due to bug#11267. I suggest that it really > should be set to a reasonable value. In Emacs 25, people who want higher security can use the Network Security Manager to achieve this, so I think the default here is reasonable. Closing. -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no From debbugs-submit-bounces@debbugs.gnu.org Mon Dec 08 14:47:04 2014 Received: (at control) by debbugs.gnu.org; 8 Dec 2014 19:47:04 +0000 Received: from localhost ([127.0.0.1]:58059 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Xy4Gu-00055b-3s for submit@debbugs.gnu.org; Mon, 08 Dec 2014 14:47:04 -0500 Received: from hermes.netfonds.no ([80.91.224.195]:57019) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Xy4Gs-000559-09 for control@debbugs.gnu.org; Mon, 08 Dec 2014 14:47:02 -0500 Received: from cm-84.215.51.58.getinternet.no ([84.215.51.58] helo=stories.gnus.org) by hermes.netfonds.no with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.72) (envelope-from ) id 1Xy4Ga-0005po-03 for control@debbugs.gnu.org; Mon, 08 Dec 2014 20:46:44 +0100 Date: Mon, 08 Dec 2014 20:46:43 +0100 Message-Id: To: control@debbugs.gnu.org From: Lars Magne Ingebrigtsen Subject: control message for bug #17660 X-MailScanner-ID: 1Xy4Ga-0005po-03 X-Netfonds-MailScanner: Found to be clean X-Netfonds-MailScanner-From: larsi@gnus.org MailScanner-NULL-Check: 1418672804.6787@lYIBuFo36kReVd8BnjzHFw X-Spam-Status: No X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) tags 17660 fixed close 17660 25.1 From unknown Sat Sep 13 23:19:37 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Tue, 06 Jan 2015 12:24:06 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator